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CLAIMS 

What is claimed is: 

5 1 . A method of providing location privacy, comprising: 

for a mobile computing device, assigning a pool of addresses with 
which a user can access a network, and preventing a third party from 
correlating a user's location with the mobile computing device. 

10 2. The method of claim 1, wherein said addresses comprise media access 
control (MAC) addresses. 

3. The method of claim 1, wherein said pool of addresses is assigned by a 
manufacturer of said mobile computing device. 

15 

4. The method of claim 1, wherein said pool of addresses are assigned to a 
network interface of said mobile computing device by a manufacturer and are 
unknown to a third party. 

20 5. The method of claim 1, wherein, when a user is to connect to an access 
point, a random address from said pool is provided, thereby allowing the user 
to connect to the access point. 



YOR920030223US1 



56 

6. The method of claim 5, wherein, when the user connects subsequently, a 
second address from the pool is used, said second address being different from 
said random address. 

7. The method of claim 1, wherein said pool of addresses comprise 
non-contiguous addresses. 

8. The method of claim 1, fiirther comprising: 

providing a block of subscriptions to a group, said group including 
said user, each subscription including its own user ID and password. 

9. The method of claim 8, ftirther comprising: 

judging whether a user ID and password and an address have been 
used previously at a particular site by said user; and 

based on said judging, subsequently selecting a different user ID and a 
different address at said particular site for said user. 

10. The method of claim 5, ftirther comprising: 

overriding, by said user, an address provided for use for said user, and 
intervening such that the user selects a specific address to use in the pool. 

1 1 . The method of claim 1 , ftirther comprising: 

sending an interactive message to the user. 
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12. The method of claim 1, wherein said network comprises a wireless 
network. 

13. The method of claim I, wherein said network comprises a wired network. 

5 

14. The method of claim 1, further comprising: 

selectively adjusting a number of addresses in said pool made available 
to said user based on a level of service desired by said user. 

10 15. The method of claim 1 , further comprising: 

selecting a random string for a user's host name each time said user 
logs on to an access point, such that the host name is unusable for location 
tracking. 

15 1 6. A method of providing a connection to an access point to a network, 
comprising: 

providing a detachable network interface for use in accessing said 
access point by a computing device, 

said detachable network interface breaking a linkage between a media 
20 access control (MAC) address associated with said computing device and the 
user. 

17. The method of claim 16, further comprising: 

metering an amount of service at said access point used by said user. 
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18. The method of claim 16, further comprising: 

placing a secret key on the detachable network interface. 

5 19. The method of claim 18, wherein said secret key is placed on all 
detachable network interfaces. 

20. The method of claim 1 8, wherein a different one of said secret key is 
provided for each said detachable network interface. 

10 

21. The method of claim 16, wherein said detachable network interface 
includes a balance display for indicating a balance representing an amount of 
service remaining on said detachable network interface, and thereby allowing 
for said detachable network interface to be tradable. 

15 

22. The method of claim 16, further comprising: 

securely signing onto said network by said detachable network 
interface without a user performing any expHcit action. 

20 23. The method of claim 16, further comprising: 

placing authentication information on said detachable network 
interface such that said network interface signs-on to obtain access to the 
network without explicit user action. 
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24. The method of claim 18, further comprising: 

challenging the detachable network interface to determine if said 
detachable network interface contains the secret key. 

5 25. The method of claim 24, wherein said challenging comprises generating a 
random number by the access point and sending the random number to the 
detachable network interface encrypted using the secret key. 

26. The method of claim 25, further comprising: 
10 authenticating the detachable network interface such that the number is 

decrypted, on the user side, using the secret key, transforming the number in a 
predetermined manner, re-encrypting the number and sending the number 
back to the access point. 

15 27. The method of claim 26, wherein if the detachable network interface 
authenticates, then the user is allowed access to said access point. 

28. The method of claim 18, wherein each detachable network interface 
contains a secret key unique from one another, said method further 

20 comprising: 

maintaining a database of secret keys indexed by a media access 
control (MAC) address. 

29. A system for providing location privacy, comprising: 
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a module for assigning a pool of addresses with which a user can 
access a network via a mobile computing device, so as to prevent a third party 
from correlating a user's location with the mobile computing device. 

5 30. The system of claim 29, wherein said pool of addresses is issued by a 
manufacturer of said mobile computing device. 

31. The system of claim 29, wherein, when a user is to connect to a certain 
access point, said module for assigning provides a random address from said 

10 pool, thereby allowing the user to connect to the access point. 

32. The system of claim 31, wherein when the user connects again, said 
module for assigning provides a second address from the pool, said second 
address being different from said random address. 

15 

33. The system of claim 29, wherein said pool of addresses comprises 
non-contiguous addresses. 

34. The system of claim 29, wherein a block of subscriptions is provided to a 

20 group, said group including said user, each subscription including its own user 
ID and password. 

35. The system of claim 34, ftirther comprising: 
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a module forjudging whether a user ID and password and an address 
have been used previously at a particular site by said user; and 

a module, based on an output of said module forjudging, for 
subsequently selecting a different user ID and a different address at said 
5 particular site for said user. 

36. The system of claim 29, further comprising: 

a module for overriding the module for assigning and intervening such 
that the user selects a specific MAC address to use of the pool. 

10 

37. The system of claim 29, further comprising: 

a module for sending an interactive message to the user. 

38. The system of claim 29, wherein said network comprises a wireless 
15 network. 

39. The system of claim 29, wherein said network comprises a wired network. 

40. The system of claim 29, further comprising: 

20 a module for selectively adjusting a number of addresses in said pool 

made available to said user, based on a level of service desired by said user. 

41. The system of claim 29, further comprising: 
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a module for selecting a random string for a user's host name each 
time said user logs on to an access point, such that the host name is unusable 
for location tacking. 

42. A system for providing a connection to an access point to a network, 
comprising: 

a detachable network interface for use in accessing said access point by 
a computing device, 

said detachable network interface breaking a linkage between a media 
access control (MAC) address associated with said computing device and the 
user. 

43. The system of claim 42, further comprising: 

a module for metering an amount of service at said access point used 
by said user. 

44. The system of claim 42, further comprising: 

a secret key placed on the detachable network interface. 

45. The system of claim 44, wherein said secret key is placed on all 
detachable network interfaces. 

46. The system of claim 44, wherein a different one of said secret key is 
provided for each said detachable network interface. 
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47. The system of claim 42, wherein said detachable network interface 
includes a balance display for indicating a balance representing an amount of 
service remaining on said detachable network interface, and thereby allowing 

5 for said detachable network interface to be tradable. 

48. The system of claim 42, wherein said detachable network interface 
securely signs onto the network without a user performing any explicit action. 

10 49. The system of claim 42, further comprising: 

authentication information on said detachable network interface such 
that said network interface signs-on to obtain access to the network without 
explicit user action. 

15 50. The system of claim 44, further comprising: 

a module for challenging the detachable network interface to determine 
if said detachable network interface contains the secret key. 

5 1 . The system of claim 50, wherein said module for challenging comprises a 
20 generator for generating a random number by the access point and sending the 

random nxmiber to the detachable network interface encrypted using the secret 
key. 

52. The system of claim 51, further comprising: 
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a module for authenticating the detachable network interface such that 
the number is decrypted, on the user side, using the secret key, transforming 
the number in a predetermined manner, re-encrypting the number and sending 
the number back to the access point. 

5 

53. The system of claim 52, wherein if the detachable network interface 
authenticates, then the user is allowed access to said access point. 

54. The method of claim 42, wherein each said detachable network interface 
10 contains a secret key unique from one another, said system further comprising: 

a module for maintaining a database of secret keys indexed by a media 
access control (MAC) address. 

55. A method for deploying computing infrastructure, comprising integrating 
15 computer-readable code into a computing system, wherein the code in 

combination with the computing system is capable of performing the method 
of claim 1. 

56. A method for deploying computing infrastructure, comprising integrating 
20 computer-readable code into a computing system, wherein the code in 

combination with the computing system is capable of performing the method 
of claim 16. 
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57. A signal-bearing medium tangibly embodying a program of 
machine-readable instructions executable by a digital processing apparatus to 
perform the method of claim 1 . 



5 58. A signal-bearing medium tangibly embodying a program of 

machine-readable instructions executable by a digital processing apparatus to 
perform the method of claim 16. 
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